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1. (Currently amended) A method for providing security services in a clustered data processing 
environment, said method comprising the steps of: 

providing an access program layer on at least two data processing nodes of said clustered 
environment, said layer presenting a consistent security interfac e, from at least two of said nodes 
to at least two types of security program module which implement a security service on different 
nodes within said cluster, to applications which run on said nodes and which access a same one 
of said at least two types of security program modules on different nodes, through said consistent 
interface ; and 

[providing at least one security program module which implements a security service 
within said cluster; and] 

providing at least one adapter module for each security program module, wherein said at 
least one adapter module maps parameters of said security service to said security interface^ 
whereby applications running on different nodes do not require modification to use different 
security program modules . 

2. (Original) The method of claim 1 in which there are a plurality of more than two of said data 
processing nodes. 

3. (Original) The method of claim 1 in which there are a plurality of security program modules. 

4. (Original) The method of claim 1 in which there are a plurality of said adapter modules. 

5. (Original) The method of claim 1 in which said access program layer includes authentication 
and authorization services through said security interface. 



-2- 



PATENT 

IBM Docket No. POU920010074US1 09/942,417 

6. (Original) The method of claim 1 in which said access program layer includes access control 
services through said security interface. 

7. (Original) The method of claim 6 in which said access control list includes entries grouped by 
at least one characteristic selected from the group consisting of type, mechanism, identity and 
permission bit mask. 

8. (Original) The method of claim 1 in which said access program layer loads security program 
modules identified through said security interface. 

9. (Currently Added) A computer readable medium having computer executable instructions 
causing a computer to provide an access program layer on at least two data processing nodes of 
said clustered environment, said layer presenting a consistent security interface, from at least two 
of said nodes to at least two types of security program module which implement a security 
service on different nodes within said cluster, to applications which run on said nodes and which 
access a same one of said at least two types of security program module on different nodes, 
through said consistent interface; and to provide at least one adapter module for each security 
program module, wherein said at least one adapter module maps parameters of said security 
service to said security interface, whereby applications running on different nodes do not require 
modification to use different security program modules. 

10. (Currently Added) A multinode data processing system whose memory contains 

programming to provide an access program layer on at least two data processing nodes of said 

clustered environment, said layer presenting a consistent security interface, from at least two of 

said nodes to at least two types of security program module which implement a security service 

on different nodes within said cluster, to applications which run on said nodes and which access 

a same one of said at least two types of security program module on different nodes, through said 

consistent interface; and to provide at least one adapter module for each security program 
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module, wherein said at least one adapter module maps parameters of said security service to said 
security interface, whereby applications running on different nodes do not require modification to 
use different security program modules. 



